Unified Threat Management
Fauquier County Public Schools in Virginia was one of the first to employ a combination network security solution when the technology was introduced about a decade ago.
But as the district's PC population grew and use of the Internet became more pervasive among the school's 1,600 employees and 12,000 students, the combination firewall and web-filtering product the department had been using became insufficient to handle the growing security threats.
“The further back in time you go, the less you needed,” says Todd Hickling, manager of information resources for the district. “What was fine 10 years ago isn't enough anymore. These days, both faculty and students spend a lot of time on websites outside of our firewall, and that calls for increased protection.”
About seven years ago, Hickling's team purchased a Fortinet FortiGate 800 security device, and soon followed with a second unit to handle increased capacity. Together, the load-balanced solution provides the school district with web filtering, firewall, antivirus and intrusion detection.
Appliances like the FortiGate 800 – called unified threat management (UTM) systems –are network security devices that generally combine a firewall, virtual private network (VPN), intrusion detection and antivirus capability into a single device. Manufacturers such as Check Point, Juniper Networks, McAfee, SonicWall and WatchGuard also offer the hardware. UTM devices are a logical choice for school districts because they provide an all-in-one security solution that can be managed centrally, says Charles Kolodgy, research director for security products at IDC.
Belton School District #124 in Belton, Mo., turned to UTM devices in 2001, when Network Security Engineer Troy Shaw found a WatchGuard solution that combined firewall, intrusion detection and antispam protection – something very difficult to find at the time.
“We had been using three separate firewalls with web-blocking capabilities on three campuses, but when we decided to connect all three campuses with one point of entry, going to an all-in-one solution seemed to make a lot of sense,” Shaw says. “It was a great deal for the money, and they were the only company at the time that seemed to have something like that.”
UTM products are expected to make up 33.6 percent of the total network security market by 2012, compared with 22 percent in 2008, according to IDC.
Shaw has been happy with WatchGuard and has followed their upgrade path. Today, the school district uses a WatchGuard Firebox X8500E, focusing on the firewall, intrusion prevention and authentication.
Eventually, Shaw plans to add a VPN to allow teachers to tap into the system remotely – something the UTM can easily handle, he says.
As for UTMs in general, they continue to improve. Kolodgy says UTM devices are moving toward virtualization, which will allow users to easily turn security features on and off. The devices will also allow IT to use products from different manufacturers so they can pick the best of breed for each function.
Finding the Right UTM Fit
- Choose a tool that focuses on the capabilities that are most important to your organization.
- Pick a manufacturer whose technology roadmap matches yours.
- Test drive the management console and make sure it's a good fit for your organization.
- If you have strong preferences for specific security features from certain manufacturers, factor that into the mix.
- Consider the performance specifications of the appliance. The more applications you use, the greater the workload on the device.
- Evaluate the networking features in the box. Can you use the UTM to replace a router or wireless access point? If so, the solution will be more cost-effective.
- Look at the subscription process for the applications you need, not just the initial price of the box.